<?php

class AuthenticationController extends Pldkp_Controller_Action 
{
    function indexAction() 
    {    
        // Anyone requesting this controller will be redirected
        $this->_redirect('/');
    }
    
    function logoutAction()
    {
        // Logout
        $auth = Zend_Auth::getInstance();
        $auth->clearIdentity();
        $auth->getStorage()->clear();
        $this->_redirect('/authentication/logged-out');
    }
    
    function loggedOutAction()
    {
        
    }
    
    public function accessDeniedAction()
    {
        if ($this->_request->get("redirect")) {
            $this->view->redirectedFrom = urldecode($this->_request->get("redirect"));
        } else {
            $this->view->redirectedFrom = null;
        }
            
        $this->view->loggedIn = Zend_Auth::getInstance()->hasIdentity();
    }
    
    function loginAction()
    {
        // Default is to redirect to /
        $redirect = "/";
        
        // See if a redirect should be issued if the user is logged in.
        if ($this->_request->get("redirect")) {
            $redirectUrl = urldecode($this->_request->get("redirect"));
            // Only redirect to a url on this site
            if (strpos($redirectUrl, "/") === 0) {
                $redirect = $redirectUrl;
            }
        } 
        
        // Dont show the form if the user is logged in
        if (Zend_Auth::getInstance()->hasIdentity()) {
            $this->_redirect($redirect);
        }
        
        // Setup the login form
        $form = new Form_Login();
        $this->view->form = $form;
        
        if ($this->_request->isPost()) {
            
            $postData = $this->_request->getPost();
            if ($form->isValid($postData)) {
                
                $email = $form->getValue('email');
                $password = $form->getValue('password');
                $rememberMe = false;
                
                // Setup the auth adapter
                $db = Zend_Db_Table::getDefaultAdapter();
                $authAdapter = new Zend_Auth_Adapter_DbTable($db);
                $authAdapter->setTableName('users');
                $authAdapter->setIdentityColumn('email');
                $authAdapter->setCredentialColumn('password');
                $authAdapter->setCredentialTreatment('SHA1(?)');
                
                // Set the input credential values to authenticate against
                $authAdapter->setIdentity($email);
                $authAdapter->setCredential($password);
    
                // do the authentication
                $auth = Zend_Auth::getInstance();
                $result = $auth->authenticate($authAdapter);

                if ($result->isValid()) {
                    // Check that the user is activated
                    $data = $authAdapter->getResultRowObject('id',null);
                    $user = User_Model_Users::getById($data->id);
                    
                    if (!$user) {
                        $auth->clearIdentity();
                        $auth->getStorage()->clear();
                        throw new Exception('User was authed but not found');
                    }   
                    
                    // success: store database row to auth's storage
                    // system. (Not the password though!)
                    if ($rememberMe) Zend_Session::rememberMe(60*60*24*365);
                    
                    $auth->getStorage()->write($data);
                    $this->_redirect($redirect);
                    
                } else {
                    // failure: clear database row from session
                    $this->setInstantFlashMessage('Login failed');
                    $auth->getStorage()->clear();
                }
            } else {
                $form->populate($postData);
            }   
        }         
    }
}